1. Field of the Invention
The present application generally relates to a method and system for secure collaboration between two users, and, more particularly, a method and system which uses communication of Slepian-Wolf information to ensure secure sharing.
2. Background Description
The problem addressed by this invention is that of secure sharing of information between users (say, User A and User B) with limited mutual trust. Specifically, the scenario considered is one where the first user wants to share information (termed source data or source information) with the second user but only if the second user already has correlated information (termed side-information). This scenario is of practical importance in applications involving information sharing among entities with limited mutual trust.
An example of this is secure sharing of medical information among doctors where, due to privacy concerns, doctor A only wishes to share those medical records for which doctor B already has a correlated (e.g., a somewhat degraded) copy. In such a case, the source information X may consist of medical imaging records (such as CT scan data) and side-information Y may consist of related data captured with a similar but non-identical imaging modality (such as lower-resolution CT data). In this case, the collaboration may be asymmetric (user A transmits information to user B) or symmetric (both users transmit and receive information). The data shared, in general, may be multimedia data wherein the possible side-informations and the source may have a non-trivial correlation structure. Further, User A may or may not know the correlation between the source and the possible side-informations exactly, and there may be a cost associated with the use of the communication channel (for example, bandwidth might be limited). Thus, User A may want to transmit information to User B incrementally until a predefined limit is reached.
FIG. 1 is a block diagram illustrating the scenario considered. Prior to communication, User A 150 has access to the source data X 100, and User B 151 has access to side-information Y 105. The side-information Y 105 may be one of two possible side-informations Y1 101 or Y2 102. The information Y1 101 is correlated to the source-data X 100, with the correlation structure represented by a hypothetical correlation channel 103, which embodies, for example, the joint probability distribution of X and Y1. The information Y2 102 is uncorrelated or only poorly correlated to the source-data X 100. The hypothetical single-output selector 104, with inputs Y1 and Y2 and output equal to one of the two inputs, represents the fact that the side-information Y 105 can be equal to either Y1 or Y2. The problem considered is as follows. User A 150 would like to transmit sufficient data over the data communication channel 152 such that User B 151 would be able to obtain source data X 100, but only if the side-information Y 105 possessed by User B is equal to the correlated side-information Y1 101, and not if it is equal to the poorly correlated side-information data Y2 102. For example, in the context of the medical information sharing example discussed above, source data X 100 would represent the medical records to be shared, side-information Y1 would represent information about the same patient taken with a different modality, while Y2 might represent information about other patients (which would, thus, not be correlated with X).
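The FIG. 1 scenario can be sketched with a toy Slepian-Wolf syndrome code. This is an added illustration, not part of the patent text or its claimed method. It assumes a Hamming(7,4) code as the correlation channel (Y1 differs from X in at most one bit), and the bit strings X, Y1 and Y2 are constructed sample values.

```python
# Added illustration: Slepian-Wolf style syndrome coding with Hamming(7,4).
# Assumption: "correlated" means side-information differs from X in <= 1 bit.
from itertools import product

# Parity-check matrix H: column i (1-based) is the binary expansion of i.
H = [[(i >> b) & 1 for i in range(1, 8)] for b in range(3)]

def syndrome(bits):
    """3-bit syndrome H*bits over GF(2)."""
    return tuple(sum(h * v for h, v in zip(row, bits)) % 2 for row in H)

def encode(x):
    """User A: transmit only the syndrome of X (3 bits instead of 7)."""
    return syndrome(x)

def decode(s, y):
    """User B: pick the word nearest to side-information y with syndrome s."""
    # By linearity, s xor syndrome(y) is the syndrome of (x xor y).
    diff = tuple(a ^ b for a, b in zip(s, syndrome(y)))
    pos = diff[0] + 2 * diff[1] + 4 * diff[2]  # 0 means "no bit differs"
    x_hat = list(y)
    if pos:
        x_hat[pos - 1] ^= 1
    return tuple(x_hat)

def recovers(x, y):
    """True if a holder of side-information y reconstructs x exactly."""
    return decode(encode(x), y) == x

def count_recovering_side_infos(x):
    """Exhaustively count the 7-bit side-informations that yield x."""
    return sum(recovers(x, y) for y in product((0, 1), repeat=7))

# Constructed sample data (not from the patent).
X = (1, 0, 1, 1, 0, 0, 1)    # source data held by User A
Y1 = (1, 0, 1, 1, 1, 0, 1)   # correlated copy: one bit differs from X
Y2 = (0, 1, 1, 0, 0, 1, 0)   # unrelated record: five bits differ from X

if __name__ == "__main__":
    print("syndrome sent:", encode(X))
    print("User B with Y1 recovers X:", recovers(X, Y1))
    print("User B with Y2 recovers X:", recovers(X, Y2))
    print("side-informations that recover X:",
          count_recovering_side_infos(X), "of 128")
```

Only 8 of the 128 possible side-informations reconstruct X, so a holder of an unrelated Y2 succeeds with probability 1/16, which is the same as guessing the 4 bits the syndrome does not reveal.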
Prior art related to the present invention may be classified into the following categories. A first related system is the one described in the paper by Lin et al., titled “Image Authentication Based on Distributed Source Coding”, Proceedings of the Intnl. Conf. on Image Processing 2007, volume 3, pages 5-8. However, the system described therein does not allow encoder and decoder interaction, and thus the decoder largely plays a passive role in authentication. Further, it does not allow the encoder and decoder to build trust in an online, incremental fashion.
A second class of related prior methods uses cryptographic methods alone for secure communication or verification of trust. Examples of this class of solutions include the methods described in U.S. Patent Application Publication US20060050869A1 for “Method and apparatus for managing secure collaborative transactions” and U.S. Patent Application Publication US20070118877A1 for “Method and system for secured online collaboration”. The main shortcoming of these approaches is that they are severely restrictive: they require the valid side-information to be identical to the source, and hence cannot be used when the source and side-information are media information which may be correlated but non-identical. Thus, the utility of this approach is severely limited in applications such as that listed above.
Another related class of prior methods utilises hash functions for access control. These include the methods described in U.S. Pat. No. 7,240,210 for “Hash value computer of content of digital signals decoder feedback”, U.S. Pat. No. 5,465,353 for “Image matching and retrieval by multi-access redundant hashing”, and U.S. Patent Application Publication US20060123241A1 for “Biometric based user authentication and data encryption”. The main shortcomings of these methods in the current context are that they are restricted to a particular domain (e.g., a given class of images) and to a particular class of distortions (e.g., compression). Further, the decoder cannot reconstruct the source data from the side-information in the first two publications mentioned above.